DETAILED ACTION

1. The amendment of 30 September 2005 has been noted and made of record.

2. Claims 1-28 have been presented for examination. 

Response to Arguments 

3. Applicant's arguments, see pages 12-15, filed 30 September 2005, with respect to claims
1-10 and 26-28 have been fully considered and are persuasive. The rejection of claims 1-10 and 
26-28 has been withdrawn. 

4. In response to applicant's argument that the references fail to show certain features of
applicant's invention, it is noted that the features upon which applicant relies, such as receiving a
third public key value from a third node that seeks to join the first network communication
entity and creating a second shared secret key value based on the collective public key value
and the third public key value, are not recited in the remaining rejected claims. Although the
claims are interpreted in light of the specification, limitations from the specification are not read
into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).

5. See further rejections that follow.

Claim Rejections 

6. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

7. Claims 11-15, 17-20, and 22-25 are rejected under 35 U.S.C. 102(b) as being anticipated 
by U.S. Patent No. 5,668,877 to Aziz, hereinafter Aziz. 

8. As per claim 11, Aziz teaches a method for establishing a secure communication session
among a first node of a network and one or more other nodes that joined in a first network
communication entity, using a group shared secret key value, each of the nodes having a private
key value associated therewith, the method comprising the computer-implemented steps of: 

communicating a first public key value from a first node that is joining the first network 
communication entity to each other node that is currently within the first network 
communication entity (column 2, lines 20-44, column 8, line 30 to column 9, line 67); 

receiving a collective public key value that is shared by each other node in the first 
network communication entity and that is based on private key values associated with each other 
node in the network communication entity (column 2, lines 20-44, column 4, lines 33-53, column
8, line 30 to column 9, line 67);

creating the group shared secret key value based on the collective public key value and 
the private key value associated with the first node (column 2, lines 20-44, column 4, lines 33- 
53, column 8, line 30 to column 9, line 67); and 

joining the first node to a second network communication entity that includes the first 
network communication entity and the first node and that uses secure communication with 
messages that are encrypted using the group shared secret key value (column 4, lines 33-53, 
column 14, line 3 to column 16, line 58).

9. Regarding claim 12, Aziz teaches wherein joining the first node to a second network 
communication entity includes the step of communicating the first private key value to the 
second node and to the third node using messages encrypted using the shared secret key value 
(column 4, lines 33-53, column 8, line 30 to column 9, line 67, column 14, line 3 to column 16, 
line 58, i.e. acquiring a new member to join group). 

10. Regarding claim 13, Aziz teaches wherein creating and storing a shared secret key value
further comprises creating and storing the shared secret key based upon how many times each 
node of the second network communication entity has participated in formation of any such 
entity and based upon each private number of each node in the second network communication 
entity (column 3, lines 9-50). 

11. Regarding claim 14, Aziz teaches further comprising the step of creating and storing a 
subsequent shared secret key for use by the first network communication entity and the third 
node to enable the third node to independently compute the group shared secret key (column 4, 
lines 33-53, column 8, line 30 to column 9, line 67, column 14, line 3 to column 16, line 58). 

12. With regards to claim 15, Aziz teaches wherein creating and storing the subsequent 
shared secret key comprises creating and storing the subsequent shared secret key, k, according 
to the relation 

k = p^WW mod (q) 

where p = a random number, q = a prime number, a = the first private key value, b = the 
second private key value, c = a private key value of the third node, x = a number of times the 
first node has participated in entity formation, y = a number of times the second node has 
participated in entity formation, and z = a number of times the third node has participated in 
entity formation (column 3, lines 10-50, column 10, lines 3-40). 



Application/Control Number: 10/715,721

Art Unit: 2131

13. Regarding claim 17, Aziz teaches wherein the step of joining the first node to a second 
network communication entity further comprises creating and storing a subsequent collective 
public key based upon the collective public key value and the first public key value of the first 
node (column 4, lines 33-53, column 8, line 30 to column 9, line 67, column 14, line 3 to column 
16, line 58). 

14. Regarding claim 18, Aziz teaches wherein the step of joining the first node to a second 
network communication entity further comprises receiving the collective public key from one of 
the nodes of the first network communication entity that was the first node to join the first 
network communication entity (column 4, lines 33-53, column 8, line 30 to column 9, line 67, 
column 14, line 3 to column 16, line 58). 

15. Regarding claim 19, Aziz teaches wherein creating and storing an initial shared secret 
key for the first node and second node comprises creating and storing an initial shared public key 
"AB" according to the relation 

AB = k_{ab}^{ab} mod (q) = p^{(ab)(ab)} mod (q)

wherein k = the initial shared secret key value, a = the first private key value, b = the 
second private key value, p is a base value, and q is a randomly generated prime number value 
(column 3, lines 10-50, column 10, lines 3-40). 

16. As per claim 20, Aziz discloses a method for exchanging cryptographic keys, the method 
comprising: 
forming a multicast group initially comprising a first node and a second node, the first
node generating a first private value, the second node generating a second private value, wherein
the initial multicast group exchanges the first private value and the second private value with the
second node and the first node, respectively, using a shared secret key, the multicast group
generating a common public key (column 2, lines 20-44, column 4, lines 33-53, column 8, line 
30 to column 9, line 67); and 

joining the multicast group by a new node, the new node generating a new private value 
and a corresponding public key, the step of joining includes: 

sending the common public key of the multicast group by a member of the multicast
group to the new node; tracking a number of times each
node in the multicast group participates in the step of joining; computing a new shared secret key 
by the new node based upon the common public key of the multicast group and the new private 
value; publishing the public key of the new node; and computing the new shared secret key by 
each member of the multicast group based upon the public key of the new node, the private 
values of each member, and the number of times each node in the multicast group participates in 
the step of joining (column 4, lines 33-53, column 14, line 3 to column 16, line 58). 
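
The relation quoted for claim 19 and the join steps recited for claim 20, worked through as an added example (not part of the Office action, the application, or Aziz). It assumes toy parameters and hypothetical function names, and it omits the participation counters x, y and z; the range check on received values is an added defensive step.

```python
import secrets

# Toy parameters constructed for this example: q is the Mersenne prime
# 2**127 - 1, p is the base. Real use needs a vetted group of >= 2048 bits.
q = 2**127 - 1
p = 3

def private_value():
    """Random private exponent in [2, q - 2]."""
    return 2 + secrets.randbelow(q - 3)

def public_key(priv):
    """Individual public key p^priv mod q."""
    return pow(p, priv, q)

def initial_secret(a, b):
    """k = p^(ab) mod q, the secret the first two nodes share."""
    return pow(p, (a * b) % (q - 1), q)  # exponents reduce mod q - 1

def collective_public_key(k, a, b):
    """AB = k^(ab) mod q = p^((ab)(ab)) mod q, the relation quoted for claim 19."""
    return pow(k, (a * b) % (q - 1), q)

def check_received(value):
    """Reject out-of-range or degenerate values (0, 1, q - 1) before use."""
    if not 1 < value < q - 1:
        raise ValueError("rejected public value")
    return value

def joiner_secret(collective_pub, c):
    """New node: collective public key raised to its own private value."""
    return pow(check_received(collective_pub), c, q)

def member_secret(new_pub, a, b):
    """Existing member: new node's public key raised to (ab)(ab)."""
    return pow(check_received(new_pub), pow(a * b, 2, q - 1), q)

def join_demo():
    a, b, c = private_value(), private_value(), private_value()
    k = initial_secret(a, b)
    ab_pub = collective_public_key(k, a, b)
    new_key_joiner = joiner_secret(ab_pub, c)
    new_key_member = member_secret(public_key(c), a, b)
    return k, ab_pub, new_key_joiner, new_key_member

if __name__ == "__main__":
    k, ab_pub, kj, km = join_demo()
    print("keys agree:", kj == km, "| collective key differs from k:", ab_pub != k)
```

The collective public key is derived from k but is not k itself, so publishing it to a joining node does not hand over the secret the existing members already share.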

17. Concerning claim 22, Aziz discloses wherein the step of joining the first node to a second 
network communication entity further comprises determining which one of the nodes of the first 
network communication entity is designated to transfer the collective public key based upon 
order of entry into the formed entity (column 4, lines 33-53, column 14, line 3 to column 16, line 
58). 

18. Concerning claim 23, Aziz teaches wherein the step of joining the first node to a second
network communication entity further comprises determining which one of the nodes of the first 
network communication entity is designated to transfer the collective public key based upon a 
predetermined metric (column 12, line 59 to column 13, line 67). 

19. Regarding claim 24, Aziz teaches wherein the plurality of nodes communicate over a 
packet switched network that supports, in part, Internet Protocol (column 2, lines 65-67). 

20. Regarding claim 25, Aziz teaches wherein the first node, the second node, and the new 
node are authenticated by a distributed directory (column 4, lines 33-57). 

21. Claims 16 and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over Aziz in 
view of U.S. Patent No. 6,629,243 to Kleinman et al, hereinafter Kleinman. 

22. Regarding claims 16 and 21, Aziz does not teach wherein the step of communicating the 
first public key value of the first node to the first network communication entity by storing the 
first key value in a key distribution center. 

23. Kleinman discloses wherein the step of communicating the first public key value of the 
first node to the first network communication entity by storing the first key value in a key 
distribution center (column 2, lines 60-67). 

24. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to distribute the keys via a key distribution center, since Kleinman states at column 2, 
lines 51-59 that such a modification would ensure the safe and secure distribution of the keys to
the respective members of the group. 

Allowable Subject Matter 

25. The following is a statement of reasons for the indication of allowable subject matter: 
The Examiner could find no teachings in the prior art of receiving a third public key value
from a third node that seeks to join the first network communication entity and creating a second
shared secret key value based on the collective public key value and the third public key value.
Since no teachings or motivation can be found of receiving a third public key value from a third
node that seeks to join the first network communication entity and creating a second shared
secret key value based on the collective public key value and the third public key value, claims
1-10 and 26-28 are therefore novel and non-obvious.

Conclusion 

26. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

27. The following patents are cited to further show the state of the art with respect to the 
closest related, commonly assigned, common inventor art, such as: 

United States Patent No. 6,684,331 to Srivastava. 
United States Patent No. 6,901,510 to Srivastava. 
United States Patent No. 6,987,855 to Srivastava. 

28. The following patents are cited to further show the state of the art with respect to similar 
methods as to the claimed invention, such as: 

United States Patent No. 5,666,415 to Kaufman, which is to show user authentication. 
United States Patent No. 5,491,750 to Bellare et al., which is to show three-party entity
authentication and key distribution. 

United States Patent No. 6,917,685 to Watanabe et al., which is to show IP key 
management. 

29. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Forgia whose telephone number is (571) 272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 

30. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

31. Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Christian LaForgia 
Patent Examiner 
Art Unit 2131 